[Nelug] Blocking brute-force ssh attacks
James Ogden
james at jeo.org.uk
Thu Aug 10 06:25:52 UTC 2006
Martin Ward wrote:
> On Wednesday 09 Aug 2006 19:08, Stephen wrote:
>> I've got mine set up to allow only 1 user and to require the correct ssh
>> key, and disabled normal password authentication.
>
> That stops them getting in, but it doesn't stop them banging on the door
> for hours on end (which dropping all packets from their IP address does).
My inelegant, insecure but highly effective solution to this was to run
sshd
on a different port. It won't stop someone serious, of course, but it will
filter out the random script kiddies
James
More information about the Nelug
mailing list